Jay Bilingham
Ransomware & cybercrime ecosystem
Jay tracks the criminal economy — RaaS operators, initial access brokers, leak-site dynamics. Reports as much from Telegram channels as from incident-response reports.
Recent stories
AI Security
White House Puts OpenAI and Anthropic Models on a Short Leash Pending Cybersecurity Review
The Trump administration is vetting frontier AI releases before they reach the public — and both major labs are complying.
Jun 29
AI Security
OpenAI Hands GPT-5.6 to a Closed Circle, Citing Cyber and National Security Hooks
Three variants — Sol, Terra, and Luna — ship to a small slate of enterprise partners and U.S. government workstreams under a limited preview.
Jun 27
Threat Intelligence
North Korean Malware Tells AI Analyzers to Look Away
A macOS sample attributed to Pyongyang-linked actors contains prompts designed to make LLM-assisted security tools abandon their analysis. Defenders are starting to notice the pattern.
Jun 26
Threat Intelligence
Mini Shai-Hulud Worm Jumps to Go, Hits LeoPlatform and RStreams npm Packages
The self-propagating supply chain campaign tied to Miasma and Hades has spread again — abusing GitHub Actions workflows and now reaching Go modules.
Jun 26
Identity & Access
Philip Martin Takes the CISO Chair at Uber
The former Coinbase security chief steps into one of tech's more scrutinised security roles, bringing a résumé that spans crypto, defence contracting, and cloud infrastructure.
Jun 26
Threat Intelligence
The Week in Cheap Crime: Stale Creds, Trusted Apps, and Phishing Through the Front Door
Not elite. Not cinematic. Just effective — and that's the problem.
Jun 25
Identity & Access
Account Takeovers Still Outrunning Detection, Vendors Push Behavioral AI as Answer
Compromised credentials remain the cheapest entry point on criminal marketplaces. A new webinar argues behavioral models, not static rules, are the only way to close the gap.
Jun 25
AI Security
CIOs Are Running AI Governance Without a Playbook — and the Clock Is Running
Boards want AI returns. Employees want access. Compliance teams want guardrails. The CIO is stuck in the middle of all three.
Jun 25
Vulnerabilities
Cisco Catalyst SD-WAN Bug Hit as Zero-Day Months Before Disclosure
Mandiant says an unidentified actor exploited CVE-2026-20245 for at least two months before Cisco's public advisory, gaining root on affected appliances.
Jun 25
Vulnerabilities
Non-Admin macOS Accounts Can Chain Native OS Features to Blind Endpoint Security Tools
No exploit required. Researchers found that standard user privileges are enough to chain macOS weaknesses and silently kill endpoint security agents — no vulnerability needed.
Jun 24
Vulnerabilities
Cordyceps Flaw Class Hands Attackers the Keys to 300+ GitHub Repos
A newly catalogued CI/CD weakness lets attackers hijack workflows at Microsoft, Google and Apache projects, researchers say.
Jun 24
AI Security
Fake AI Agent Skill Exploits Security Gaps, Reaches 26,000 Users
A malicious AI agent skill bypassed security checks, exposing potential risks in enterprise environments.
Jun 24
Policy & Regulation
DOJ Seizes HuiOne Cloud Account, Treasury Sanctions Prince Group Network
Cambodia-based conglomerates accused of laundering proceeds from pig-butchering and cyber-enabled fraud face coordinated U.S. action.
Jun 24
AI Security
Fake Agent Skill Slips Past Every Scanner, Lands on 26,000 AI Agents
A red-team experiment by AIR pushed a booby-trapped skill through a popular marketplace and an Instagram ad. The skill marketplaces' security scanners shrugged.
Jun 23
AI Security
Email security teams are buried in alerts. Behavioral AI vendors say they have an answer.
Phishing, BEC and account takeover noise keeps SOCs busy. A new webinar pitches behavioral detection as the way to cut through it.
Jun 23